Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.
On Thu, Aug 07, 2008 at 01:53:23PM -0600, RYAN vAN GINNEKEN wrote: > Hello again all, I am running DRBD behind a router and between two > remote machines. I have the machine DMZed for better access but am > getting errors. Therefore the address the outside world (as well as > the other drbd machine) sees is different than what the machine thinks > it has. Outside address is 220.127.116.11 and ifconfig returns > 192.168.1.202 you are aware that DRBD replicates the data in plain text? if it replicates across the internet, you basically have a complete raw plaintext dump of your block device content constantly streaming through the internet. hopefully you don't have any sensitive data on that volume. I'd recommend to establish a VPN (openvpn, ipsec, whatever) between your sites, or even better, and end-to-end VPN between the DRBD nodes, then use the private addresses again in your DRBD config, as now they would not be natted at all, but tunneled via VPN. -- : Lars Ellenberg http://www.linbit.com : : DRBD/HA support and consulting sales at linbit.com : : LINBIT Information Technologies GmbH Tel +43-1-8178292-0 : : Vivenotgasse 48, A-1120 Vienna/Europe Fax +43-1-8178292-82 : __ please don't Cc me, but send to list -- I'm subscribed